From 491553fcb350562812d5dd1f5c9cbf0d472c2ba4 Mon Sep 17 00:00:00 2001
From: Luke Shumaker
Date: Wed, 15 Jun 2016 21:36:06 -0400
Subject: nshd: use meta-cat
---
 src/nshd/hackers_git/db_config.go | 4 +--
 src/nshd/hackers_git/hackers.go | 35 +++++++++---------
 src/nshd/hackers_git/hackers_parse.go | 67 +++++++++++++++++++++++------------
 src/nshd/main.go | 37 -------------------
 src/nshd/main.go.in | 37 +++++++++++++++++++
 5 files changed, 100 insertions(+), 80 deletions(-)
 delete mode 100644 src/nshd/main.go
 create mode 100644 src/nshd/main.go.in
(limited to 'src')
diff --git a/src/nshd/hackers_git/db_config.go b/src/nshd/hackers_git/db_config.go
index dc3b99e..f049b90 100644
--- a/src/nshd/hackers_git/db_config.go
+++ b/src/nshd/hackers_git/db_config.go
@@ -35,8 +35,8 @@ func (o *Hackers) Config_Get(cred s.Ucred, req p.Request_Config_Get) <-chan p.Co
 switch req.Key {
 case p.NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE:
- if o.Cfg.Pam_password_prohibit_message != "" {
- ret <- p.Config{Value: o.Cfg.Pam_password_prohibit_message}
+ if o.cfg.Pam_password_prohibit_message != "" {
+ ret <- p.Config{Value: o.cfg.Pam_password_prohibit_message}
 }
 }
 }()
diff --git a/src/nshd/hackers_git/hackers.go b/src/nshd/hackers_git/hackers.go
index b72698f..19efafd 100644
--- a/src/nshd/hackers_git/hackers.go
+++ b/src/nshd/hackers_git/hackers.go
@@ -28,7 +28,6 @@ import (
 "lukeshu.com/git/go/libnslcd.git/proto/server"
 "lukeshu.com/git/go/libnslcd.git/systemd"
 "lukeshu.com/git/go/libsystemd.git/sd_daemon/logger"
- "path/filepath"
 "sync"
 )
@@ -37,16 +36,18 @@ type user struct {
 groups []string
 }
-type Config struct {
+type config struct {
 Pam_password_prohibit_message string
- Yamldir string
 }
 type Hackers struct {
 nslcd_server.NilBackend
- Cfg Config
 lock sync.RWMutex
+ CfgFilename string
+ YamlCat string
+
+ cfg config
 users map[int32]user
 groups map[string]map[string]bool
 }
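Review bot: The new exported fields `CfgFilename` and `YamlCat` in `Hackers` have no doc comments, although `YamlCat` names a program that `parse_users` runs through `exec.Command` on every `Reload`. I would document both, for example `// CfgFilename is the path of the YAML config file that Reload parses.` and `// YamlCat is the path of a program that Reload executes; its stdout must be a YAML map of UID to user data.` The `YamlCat` comment should also say that the program is run by the daemon itself and must therefore not be writable by unprivileged users. Both fields have to be set before `Init` is called, which is worth stating on the struct.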
@@ -55,6 +56,8 @@ var _ nslcd_systemd.Backend = &Hackers{}
 var _ nslcd_server.Backend = &Hackers{}
 func (o *Hackers) Init() error {
+ logger.Debug("hackers.git: CfgFilename = %v", o.CfgFilename)
+ logger.Debug("hackers.git: YamlCat = %v", o.YamlCat)
 err := o.Reload()
 if err != nil {
 logger.Err("hackers.git: Could not initialize: %v", err)
@@ -77,28 +80,24 @@ func (o *Hackers) Reload() error {
 o.lock.Lock()
 defer o.lock.Unlock()
- filenames, err := filepath.Glob(o.Cfg.Yamldir + "/*.yml")
+ var err error
+ o.cfg, err = parse_config(o.CfgFilename)
 if err != nil {
 return err
 }
- o.users = make(map[int32]user, len(filenames))
- o.groups = make(map[string]map[string]bool)
- for _, filename := range filenames {
- logger.Debug("hackers.git: Loading YAML file: %s", filename)
- user, err := parse_user_yaml(filename)
- if err != nil {
- logger.Warning("hackers.git: -> File ignored: %v", err)
- continue
- }
+ logger.Debug("hackers.git: Parsing user data")
+ o.users, err = parse_users(o.YamlCat)
+ if err != nil {
+ return err
+ }
+
+ o.groups = make(map[string]map[string]bool)
+ for _, user := range o.users {
 for _, groupname := range user.groups {
 o.add_user_to_group(user.passwd.Name, groupname)
 }
- user.passwd.PwHash = parse_user_password(user.passwd.HomeDir + "/.password")
- o.users[user.passwd.UID] = user
- logger.Debug("hackers.git: -> User %d(%s) added", user.passwd.UID, user.passwd.Name)
 }
-
 return nil
 }
diff --git a/src/nshd/hackers_git/hackers_parse.go b/src/nshd/hackers_git/hackers_parse.go
index d5370eb..9dcfcc7 100644
--- a/src/nshd/hackers_git/hackers_parse.go
+++ b/src/nshd/hackers_git/hackers_parse.go
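Review bot: A failed reload now destroys the live state, because `Reload` assigns `o.cfg` and `o.users` straight from `parse_config` and `parse_users` before checking the error. `parse_users` returns `users = nil` on any error, so one bad helper run leaves the daemon with no users while `o.groups` still holds the previous data. The removed loop skipped a bad file with a warning; the new code should at least keep the last good data by parsing into locals and assigning only after both calls have succeeded. The helper is also executed while `o.lock` is write-locked, so lookups wait for as long as it runs, and parsing before taking the lock avoids that as well. The start of `Reload` is outside this hunk, so the fence shows only the rewritten part.

```go
	// … unchanged: start of Reload, up to where the hunk begins …
	// Parse everything first; live state is replaced only on full success.
	cfg, err := parse_config(o.CfgFilename)
	if err != nil {
		return err
	}
	logger.Debug("hackers.git: Parsing user data")
	users, err := parse_users(o.YamlCat)
	if err != nil {
		return err
	}

	o.lock.Lock()
	defer o.lock.Unlock()
	o.cfg = cfg
	o.users = users
	// … unchanged: rebuild o.groups from o.users, return nil …
```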
@@ -27,33 +27,13 @@ import (
 "io/ioutil"
 "lukeshu.com/git/go/libsystemd.git/sd_daemon/logger"
 "os"
- "path"
- "strconv"
+ "os/exec"
 "strings"
 )
-func filename2uid(filename string) int32 {
- basename := path.Base(filename)
- parts := strings.SplitN(basename, ".", 2)
- if len(parts) != 2 || parts[1] != "yml" {
- return -1
- }
- uid, err := strconv.ParseInt(parts[0], 10, 32)
- if err != nil {
- return -1
- }
- return int32(uid)
-}
-
 var usersGid = name2gid("users")
-func parse_user_yaml(filename string) (ret user, err error) {
- ret.passwd.UID = filename2uid(filename)
-
- if ret.passwd.UID < 0 {
- err = fmt.Errorf("Invalid user filename: %q", filename)
- return
- }
+func parse_config(filename string) (cfg config, err error) {
 file, err := os.Open(filename)
 if err != nil {
 return
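Review bot: `parse_config` opens the file with `os.Open`, but no `file.Close()` is visible, either here or in the next hunk where the function ends. Going by the hunk line numbers only two lines are hidden between the two hunks, which seems to leave no room for a `defer`, so each `Reload` appears to leak a file descriptor. Reading the file in one call removes the handle altogether: `contents, err := ioutil.ReadFile(filename)`. The new function also lacks a doc comment; `// parse_config reads the YAML file at filename into a config.` would be enough. The body of `parse_config` continues past the end of this hunk.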
@@ -62,11 +42,52 @@ func parse_user_yaml(filename string) (ret user, err error) {
 if err != nil {
 return
 }
+ err = yaml.Unmarshal(contents, &cfg)
+ return
+}
+
+func parse_users(yaml_cat string) (users map[int32]user, err error) {
+ contents, err := exec.Command(yaml_cat).Output()
+ if err != nil {
+ return
+ }
+
+ var _data interface{}
 err = yaml.Unmarshal(contents, &_data)
 if err != nil {
 return
 }
+
+ data, isMap := _data.(map[interface{}]interface{})
+ errs := []string{}
+ if !isMap {
+ errs = append(errs, "root node is not a map")
+ } else {
+ users = make(map[int32]user, len(data))
+ for _uid, _user := range data {
+ uid, isInt := _uid.(int)
+ if !isInt {
+ errs = append(errs, fmt.Sprintf("UID is not an int: %T ( %#v )", _uid, _uid))
+ continue
+ }
+ user, _err := parse_user(_user)
+ if _err != nil {
+ errs = append(errs, fmt.Sprintf("Could not parse data for UID %d: %v", uid, _err))
+ continue
+ }
+ user.passwd.UID = int32(uid)
+ logger.Debug("hackers.git: -> User %d(%s) parsed", user.passwd.UID, user.passwd.Name)
+ users[user.passwd.UID] = user
+ }
+ }
+ if len(errs) > 0 {
+ users = nil
+ err = &yaml.TypeError{Errors: errs}
+ }
+ return
+}
+
+func parse_user(_data interface{}) (ret user, err error) {
 data, isMap := _data.(map[interface{}]interface{})
 errs := []string{}
 if !isMap {
@@ -122,7 +143,7 @@ func parse_user_yaml(filename string) (ret user, err error) {
 err = &yaml.TypeError{Errors: errs}
 }
- ret.passwd.PwHash = "!"
+ ret.passwd.PwHash = parse_user_password(ret.passwd.HomeDir + "/.password")
 ret.passwd.GID = usersGid
 return
diff --git a/src/nshd/main.go b/src/nshd/main.go
deleted file mode 100644
index 6871518..0000000
--- a/src/nshd/main.go
+++ /dev/null
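Review bot: `parse_users` converts the YAML key with `int32(uid)` and no range check, so a negative key or one above the int32 range is silently wrapped. On a platform with a 64-bit `int`, a key of 4294967296 would end up as UID 0. The removed `filename2uid` rejected both cases through the 32-bit `ParseInt` and the `< 0` test, so this is a regression in input validation. A guard before the `parse_user` call restores it: `if uid < 0 || int(int32(uid)) != uid { errs = append(errs, fmt.Sprintf("UID out of range: %d", uid)); continue }`. Separately, `exec.Command(yaml_cat).Output()` has no timeout, so a hung helper stalls the caller indefinitely.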
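Review bot: The password file is now read unconditionally at the end of `parse_user`, including when `errs` is non-empty, so a record whose home directory failed to parse presumably makes the daemon read `/.password`. Keeping the previous `"!"` value on the error path avoids that: `ret.passwd.PwHash = "!"` followed by `if err == nil { ret.passwd.PwHash = parse_user_password(ret.passwd.HomeDir + "/.password") }`. The path is built from `HomeDir` as supplied by the helper's output and normally points into a directory the user can write to. `parse_user_password` is not visible here, so confirm that it refuses symlinks and non-regular files, because the daemon reads the file with its own privileges. The start of `parse_user` is outside this hunk.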
@@ -1,37 +0,0 @@
-// Copyright 2015 Luke Shumaker .
-//
-// This is free software; you can redistribute it and/or
-// modify it under the terms of the GNU General Public License as
-// published by the Free Software Foundation; either version 2 of
-// the License, or (at your option) any later version.
-//
-// The GNU General Public License's references to "object code" and
-// "executables" are to be interpreted to also include the output of
-// any document formatting or typesetting system, including
-// intermediate and printed output.
-//
-// This software is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public
-// License along with this manual; if not, see
-// .
-
-// Command nshd is an implementation of nslcd that talks to hackers.git instead of LDAP.
-package main
-
-import (
- "lukeshu.com/git/go/libnslcd.git/systemd"
- "nshd/hackers_git"
- "os"
-)
-
-func main() {
- backend := &hackers_git.Hackers{Cfg: hackers_git.Config{
- Pam_password_prohibit_message: "",
- Yamldir: "/var/cache/parabola-hackers/users",
- }}
- os.Exit(int(nslcd_systemd.Main(backend)))
-}
diff --git a/src/nshd/main.go.in b/src/nshd/main.go.in
new file mode 100644
index 0000000..59e032e
--- /dev/null
+++ b/src/nshd/main.go.in
@@ -0,0 +1,37 @@
+// Copyright 2015 Luke Shumaker .
+//
+// This is free software; you can redistribute it and/or
+// modify it under the terms of the GNU General Public License as
+// published by the Free Software Foundation; either version 2 of
+// the License, or (at your option) any later version.
+//
+// The GNU General Public License's references to "object code" and
+// "executables" are to be interpreted to also include the output of
+// any document formatting or typesetting system, including
+// intermediate and printed output.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public
+// License along with this manual; if not, see
+// .
+
+// Command nshd is an implementation of nslcd that talks to hackers.git instead of LDAP.
+package main
+
+import (
+ "lukeshu.com/git/go/libnslcd.git/systemd"
+ "nshd/hackers_git"
+ "os"
+)
+
+func main() {
+ backend := &hackers_git.Hackers{
+ CfgFilename: "@conf_file@",
+ YamlCat: "@bindir@/meta-cat",
+ }
+ os.Exit(int(nslcd_systemd.Main(backend)))
+}
-- 
cgit v1.2.2